- Kicksecure in live mode as Host OS, but as dualboot on second SSD (first SSD and boot for public use)
- Kicksecure in live mode through USB (can be with physical write-protection if possible)
- Kicksecure in live mode on external SSD
I want to somehow do so i have in one main os windows for aaa gaming and public use, but in other os Kicksecure for private use in which i will be able to host whonix vm’s through kvm for sensitive use.
Which option will be best in this situation, maybe you have better solution?
Booting into a Windows installation used for gaming while the Kicksecure drive is attached is most likely a bad idea, as gaming oftentimes involves installing and running not-totally-trusted software on the system. VMs on a USB flash drive are going to be painful, and live mode is not suitable for use with Whonix VMs unless you have a very large amount of RAM (64 GB at minimum, 128 GB or more would be better), as the entire virtual machine images will have to be loaded into RAM for this to work.
I think what you probably actually want is something like this:
- Install Kicksecure on an external SSD in persistent mode. Use the ISO for this, enable disk encryption.
- Install Whonix VMs on top of that, which are booted into persistent mode only for updates or installing software, and are booted into live mode otherwise.
- Create a shared folder so you can persist data from the Whonix VMs that you want to keep without having to make the Whonix VMs themselves persistent. See VirtualBox Guest Additions: Clipboard Sharing, Shared Folder, and More if you’re using VirtualBox, or Whonix for KVM if you’re using KVM.
- Ensure the SSD is unplugged before booting into Windows.
1 Like
related wiki chapters:
What about if i do that on 2 separate disks and both are encrypted with different ways? If possible just don’t boot second one
Possible but discouraged as per above.
See Malware and Firmware Trojans to learn more about the impacts of a compromised TCB.
I wanted to do something like this, just instead of windows VM separate boot, don’t want to buy 2 highe end devices, it would be expensive and suspicious in first place, why would i need that.
http ://opbible7nans45sg33cbyeiwqmlp5fu7lklu6jd6f3mivrjeqadco5yd.onion//opsec/veracrypt/
Then even mounting external ssd isn’t safe?
Not perfectly safe as per above. Main risk here is persistently compromised hardware by firmware trojans.
Unfortunately, x86 isn’t “stateless” as defined in this paper:
related:
So only working solution would be completly separate devices?
It’s important to establish a threat model before asking what is and isn’t a “working” solution.
If you’re a target of a determined and skilled hacker who may attempt to infect your Windows system with malware that can embed itself into the system’s BIOS, then yes, the only solution that will do what you want is completely separate devices. That way, if and when your Windows device becomes compromised in this way, the malware will not affect your Kicksecure device. You might also want to assume you are targeted in this way if you want to learn the habits needed to deal with such an attacker, should you become targeted in the future.
In practical terms, it is unlikely you need to defend against such threats, as attackers generally don’t put this kind of effort into attacking random individuals. Kicksecure’s documentation and features tries to cater to users that have to fear firmware rootkits, but it’s up to the user to determine whether they want to worry about firmware rootkits or not. If firmware rootkits aren’t in your threat model, then you can likely use the same machine for both Windows and Kicksecure by using an external SSD as described above.
1 Like
Threat model threat model threat model
The good thing about linux and by extension Kicksecure, is you can install it on an external drive. Meaning you can boot from that when you need to without altering your main OS (meaning Windows 10/11 or MacOS).
Things that you should look into are isolation and compartmentalization and decide what is best for you (implement as many as you need for threat model):
-
User accounts different local user accounts for different tasks (isolated home folders/directories)
-
Virtual machines for different tasks (isolated for tasks accounts)
-
Web Browsers for different tasks accounts (CDN browser fingerprinting example)
-
Dedicated devices for certain tasks or accounts (one laptop for crypto or identity for example)